Feeds

Google throws a bone to privacy watchdogs

Will keep your data for 18 months

Providing a secure and efficient Helpdesk

Google is cutting back the time it holds user-identifying data - a little. But will this be enough to placate privacy advocates?

The search giant is to scrub personally identifying information after 18 months, compared with the limit of 18 months to two years it set out in March.

Google's Global Privacy Counsel Peter Fleischer announced the revised policy in a June 10 letter addressed to the head of a European Union working group that recently called on Google to justify why it needed to store personally identifiable information for as long as two years. The Article 29 Data Protection Working Party had also requested Google provide more details about how it planned to anonymize data.

"After considering the Working Party's concerns, we are announcing a new policy: to anonymize our search server logs after 18 months, rather than the previously-established period of 18-to-24 months," Fleischer wrote in an accompanying blog entry. But lest Google critics take to spontaneous dancing in the streets, Fleischer warned "that future data retention laws may obligate us to raise the retention period to 24 months".

If it sounds like Google is tip-toeing through a mine field, it's because the company has come under fierce attack by privacy advocates. Recently, Privacy International, a UK-based privacy watchdog, ranked Google's privacy practices last among major internet service companies. And a chorus of critics have formally complained to the Federal Trade Commission that Google's proposed acquisition of DoubleClick, the biggest online ad server company, would create a repository of consumer information so vast it would be ripe for abuse by Google, its partners and government agents.

To hear Fleischer tell it, Google is walking the razor-thin line between security, innovation and compliance on the one side and privacy on the other. While a decision not to collect personal information at all would warm the hearts of even the most jaded privacy advocates, it would hamper other important objectives, he says. Among them is internet security and enforcement of child protection laws, which benefit from Google collecting IP numbers and tying them to specific searches.

And as if that wasn't enough, Fleischer says, Google as a global business has to comply with a patchwork of conflicting laws that span the globe. Complying with, say, a European law that mandates that personal information be "kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed" may seem like a simple thing. But try telling that to the US goon squad enforcing Sarbanes Oxley, which requires Google "retain business records sufficient to establish adequate financial and other controls".

Food for thought, perhaps, but Kevin Bankston, a staff attorney at the Electronic Frontier Foundation remains skeptical that forces beyond Google's control mandate the storing of personal data for such a long period. By comparison, he says, AOL anonymizes searches after 30 days. He also criticizes Google for not explaining exactly what laws it believes requires it to store information for as long as 18 months.

Says Bankston: "The burden is on Google to demonstrate why that is the case. Considering the much shorter retention periods of competitors like AOL, I don't think they've met that burden." ®

New hybrid storage solutions

More from The Register

next story
Brit telcos warn Scots that voting Yes could lead to HEFTY bills
BT and Co: Independence vote likely to mean 'increased costs'
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Turnbull: NBN won't turn your town into Silicon Valley
'People have been brainwashed to believe that their world will be changed forever if they get FTTP'
Blockbuster book lays out the first 20 years of the Smartphone Wars
Symbian's David Wood bares all. Not for the faint hearted
Bonking with Apple has POUNDED mobe operators' wallets
... into submission. Weve squeals, ditches payment plans
ISPs' post-net-neutrality world is built on 'bribes' says Tim Berners-Lee
Father of the worldwide web is extremely peeved over pay-per-packet-type plans
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.